Multi-tenancy support
Alan DeKok
aland at deployingradius.com
Wed Jun 15 20:34:49 UTC 2022
On Jun 14, 2022, at 10:26 PM, Cecil Wei <cecilwei at gmail.com> wrote:
>
> I have been working on a project that we need to support more than 10000
> tenants. I tried to create multiple virtual servers and each listen to
> different ports and I found that I can only create up to 300 virtual
> servers due to the limitation of FD_SETSIZE. In this case I will need to
> have more than 300 servers running which doesn't seem to make much sense.
The normal process is to just create users as "user at realm.org". You can then use one server.
> I also consider the option of creating multiple client sections to specify
> the source IP addresses and the corresponding virtual server. However, I
> don't seem to find a way to identify tenants if the incoming traffic is
> from the same proxy server.
The reason this is hard is because no one does this. It's a bad design, and will cause all kinds of problems in the future.
> I am running out of options and hoping that you may share your experience
> or suggestions.
Just use realms. It's what people have done for 20+ years.
Alan DeKok.
More information about the Freeradius-Users
mailing list